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Amendments to the Claims : 

The following listing of claims will replace all prior versions, and listings, of claims in 
the application: 

1 . (Currently Amended) An apparatus for processing a subject name included in 
a personal certificate, comprising: 

a receiving part that receives a personal c e rtificat e ; certificate associated with 
an individual user: 

a verifying part that verifies the received personal certificate based on a digital 
signature technique; 

an extracting part that extracts at least one of a plurality of p redetermined 
elements in a subject name included in the received personal certificate; and 

a d e t e rmination determining p art that determines an access right of a hold e r of 
th e p e rsonal certificat e the individual user b ased on a value of the extracted at least one of the 
plurality of p redetermined e l e m e nt elements, wh e n th e p e rsonal c e rtificat e is succ e ssfully 
v e rifi e d, 

wherein the plurality of p redetermined elements includes an -at least one 
element allocated for representing a proj e ct, project and because the access right is 
determined based on the extracted element value, accessing a database or a directory service 
to determine the access right is unnecessary. 

2. (Currently Amended) The apparatus for processing a subject name included in 
a personal certificate according to claim 1, wherein the at least one of the plurality of 
predetermined elements is an organizational unit name of a predetermined hierarchy of the 
subject name. 

3. (Canceled) 

4. (Currently Amended) A web server compute r syst e m system, comprising: 
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a receiving part that receives a personal c e rtificat e : certificate associated with 
an individual user; 

a verifying part that verifies the received personal certificate based on a digital 
signature technique; 

an extracting part that extracts at least one of a plurality of p redetermined 
elements in a subject name included in the received personal certificate; and 

a determination determining p art that determines an access right of a hold e r of 
the p e rsonal c e rtificat e the individual user b ased on a value of the extracted at least one of the 
plurality of p redetermined e l e m e nt elements, w h e n th e r e c e iv e d personal c e rtificat e is 
succ e ssfully v e rifi e d, 

wherein the plurality of p redetermined elements includes an element allocated 
for representing a project, project, and because the access right is determined based on the 
extracted element value, accessing a database or a directory service to determine the access 
right is unnecessary. 

5. (Currently Amended) A web server compute r syst e m system, comprising: 

a receiving part that receives a personal certificat e ; certificate associated with 
an individual user; 

a verifying part that verifies the received personal certificate based on a digital 
signature technique; 

an allocating part that allocates a session identifier when the received personal 
certificate is successfully verified; 

an extracting part that extracts at least one of a plurality of p redetermined 
elements in a subject name included in the received personal certificate; 

a d e t e rmination determining p art that determines an access right of a hold e r of 
th e p e rsonal c e rtificat e the individual user b ased on a value of the extracted at least one of the 
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plurality of p redetermined e lem e nt elements; w h e n tho receiv e d p e rsonal certificat e is 
succ e ssfully v e rifi e d; and 

a memory that stores the determined access right of the individual user 
associated with the session identifier, 

wherein the plurality of p redetermined elements includes an element allocated 
for representing a proj e ct, project, and because the access right is determined based on the 
extracted element value, accessing a database or a directory service to determine the access 
right is unnecessary. 

6. (Currently Amended) The web server computer system according to claim 5, 
wherein the at least one of the plurality of p redetermined elements is an organizational unit 
name of a predetermined hierarchy of the subject name. 

7. (Canceled) 

8. (Currently Amended) An apparatus for processing a subject name included in 
a personal certificate, the apparatus comprising: 

a receiving part that receives the-a personal c e rtificat e ; associated with an 
individual user; ^ 

an extracting part that extracts at least one of a plurality of p redetermined 
e l e m e nt elements in a subject name included in the received personal certificate; and 

a d e t e rmina tien -determining p art that determines an access right of the 
individual user based on a value of the extracted at least one of the plurality of predetermined 
elements, the extracted at least one of the plurality of predetermined elements being an 
organizational unit name of b as e d on an organization te-of which a hold e r b e longs the 
individual user is a member and an attribute other than a p e rsonal ID r e pr e s e nt e d by a valu e 
of th e at l e ast one pr e d e t e rmin e d e l e m e nt, personal ID, 
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wherein because the access right is determined based on the extracted element 
value, accessing a database or a directory service to determine the access right is unnecessary. 

wher e in the at least on e pr e d e t e rmined el e m e nt in th e subj e ct name repr e s e nts 

a proj e ct. 

9. (Original) The apparatus for processing a subject name included in a personal 
certificate according to claim 8, wherein the organizational unit name of a predetermin e d 
hierarchy of the subj e ct name repr e s e nts indicates that the hold e r of th e c e rtificat e individual 
user is not a member of an -the organization represented by the organization organizational 
unit name and that the hold e r individual user cooperates with the organization. 

10. (Currently Amended) The apparatus for processing a subject name included in 
a personal certificate according to claim 8, wherein the organizational unit name e&et 
pr e d e termined hi e rarchy of th e s ubj e ct nam e represents a project name in which the hold e r 
individual user takes part. 

11. (Currently Amended) The apparatus for processing a subject name included in 
a personal certificate according to claim 8, wherein the organizational unit name 
predetermin e d hierarchy of th e subject nam e represents a cooperating organization name 
which cooperates with an -the organization represented by the organization organizational unit 
name and te-of which the hold e r b e longs, individual user is a member. 

12-14. (Canceled) 

15. (Currently Amended) A method for processing a subject name included in a 
personal certificate, comprising: 

receiving a personal c e rtificat e ; certificate associated with an individual user; 
verifying the received personal certificate based on a digital signature 

technique; 
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extracting at least one of a plurality of p redetermined elements in a subject 
name included in the received personal certificate; and 

determining an access right of a hold e r of th e p e rsonal c e rtificate the 
individual user b ased on a value of the extracted at least one of the plurality of p redetermined 
e l e m e nt elements, wh e n th e personal c e rtificat e is succ e ssfully v e rifi e d, 

wherein the plurality of p redetermined elements includes an element allocated 
for representing a proj e ct, project, and because the access right is determined based on the 
extracted element value, accessing a database or a directory service to determine the access 
right is unnecessary. 

16. (Currently Amended) A method for processing a subject name included in a 
personal certificate, the method comprising: 

receiving the-a personal c e rtificat e ; certificate associated with an individual 

user; 

extracting at least one of a plurality of p redetermined elem e nt elements in a 
subject name included in the received personal certificate; and 

determining an access right of the individual user based on a value of the 
extracted at least one of the plurality of predetermined elements, the extracted at least one of 
the plurality of predetermined elements being an organizational unit name of b as e d on an 
organization te-of which a holder belongs the individual user is a member and an attribute 
other than a personal ID r e pr e s e nt e d by a valu e of th e at l e ast on e pr e d e t e rmin e d e l e m e nt, 
personal ID, 

wherein because the access right is determined based on the extracted element 
value, accessing a database or a directory service to determine the access right is unnecessary. 

wh e r e in th e at l e ast one predetermined e l e m e nt in th e subj e ct nam e repr e s e nts 

a proj e ct. 
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17. (Currently Amended) A storage medium readable by a computer, the storage 
medium storing a program of instructions executable by the computer to perform a function 
for processing a subject name included in a personal certificate, the function comprising th e 
st e ps of: comprising: 

receiving a personal certificate; certificate associated with an individual user; 
verifying the received personal certificate based on a digital signature 

technique; 

extracting at least one of a plurality of p redetermined elements in a subject 
name included in the received personal certificate; and 

determining an access right of a hold e r of th e personal c e rtificat e the 
individual user b ased on a value the extracted at least one of the plurality of p redetermined 
e l e m e nt elements, wh e n th e p e rsonal c e rtificat e is succ e ssfully v e rifi e d, 

wherein the plurality of p redetermined elements includes an element allocated 
for representing a proj e ct, project, and because the access right is determined based on the 
extracted element value, accessing a database or a directory service to determine the access 
right is unnecessary. 

18. (Currently Amended) A storage medium readable by a computer, the storage 
medium storing a program of instructions executable by the computer to perform a function 
for processing a subject name included in a personal certificate, the function comprising: 

receiving the personal c e rtificate; certificate associated with an individual user; 

extracting at least one of a plurality of p redetermined e l e m e nt elements in a 
subject name included in the received personal certificate; and 

determining an access right of the individual user based on a value of the 
extracted at least one of the plurality of predetermined elements, the extracted at least one of 
the plurality of predetermined elements being an organizational unit name of bas e d on an 
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organization te-of which a hold e r b e longs the individual user is a member and an attribute 
other than a personal ID r e pr e s e nt e d by a valu e of tho at least on e pr e d e termined element, 
personal ID, 

wherein because the access right is determined based on the extracted element 
value, accessing a database or a directory service to determine the access right is unnecessary. 

wherein th e at l e ast on e pr e det e rmin e d elem e nt in th e subj e ct nam e repr e s e nts 

a proj e ct. 

19. (Canceled) 

20. (Currently Amended) An apparatus for processing a subject name included in 
a personal certificate, comprising: 

a receiving part that receives a personal c e rtificat e ; certificate associated with 
an individual user; 

a verifying part that verifies the received personal certificate based on a digital 
signature technique; 

an extracting part that extracts at least one of a plurality of p redetermined 
elements in a hierarchy of a subject name included in the received personal certificate; and 

a d e t e rmin ation -determining p art that determines an access right of a holder of 
the p e rsonal c e rtificat e the individual user based on a value of the extracted at least one of the 
plurality of p redetermined element elements, when tho personal certificate is successfully 
verifi e d, 

wherein the plurality of p redetermined elements includes an organizational 
unit name allocated for representing a project name and a common name allocated for 
representing a purpose of operation of the project, project, and because the access right is 
determined based on the extracted element value, accessing a database or a directory service 
to determine the access right is unnecessary. 
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21. (Currently Amended) The apparatus according to claim 1, wherein the 
plurality of p redetermined elements further includ e an includes at least one element allocated 
for representing a purpose of operation to be operated by the hold e r of th e p e rsonal c e rtificat e . 
individual user. 

22. (Currently Amended) The web server computer system according to claim 4, 
wherein the plurality of p redetermined elements further includ e an includes at least one 
element allocated for representing a purpose of operation to be operated by the hold e r of th e 
personal certificat e , individual user. 

23. (Currently Amended) The web server computer system according to claim 5, 
wherein the plurality of p redetermined elements further includ e an includes at least one 
element allocated for representing a purpose of operation to be operated by the hold e r of the 
p e rsonal c e rtificat e , individual user. 

24. (Currently Amended) The apparatus according to claim 8, wherein the at l e ast 
one -plurality of p redetermined e lem e nt in a hi e rarchy of th e subj e ct nam e elements further 
r e pr e sents includes at least one element allocated for representing a purpose of operation to be 
operated by the hold e r of the p e rsonal c e rtificat e , individual user. 

25. (Currently Amended) The method of claim 15, wherein the plurality of 
predetermined elements further includ e an includes at least one element allocated for 
representing a purpose of operation to be operated by the hold e r of the p e rsonal c e rtificat e . 
individual user 

26. (Currently Amended) The method of claim 16, wherein the at l e ast on e 
plurality of p redetermined e l e m e nt elements further r e pr e sents includes at least one element 
allocated for representing a purpose of operation to be operated by the hold e r of th e p e rsonal 
c e rtificat e , individual user. 



-9- 



Application No. 09/987,418 

27. (Currently Amended) The storage medium of claim 17, wherein the plurality 
of predetermined elements further includ e an includes at least one element allocated for 
representing a purpose of operation to be operated by the hold e r of th e p e rsonal c e rtificat e . 
individual user. 

28. (Currently Amended) The storage medium for storing a program of 
instructions of claim 18, wherein the at l e ast on e p lurality of p redetermined e l e m e nt elements 
further r e pr e s e nts includes at least one element allocated for representing a purpose of 
operation to be operated by the holder of th e p e rsonal c e rtificat e , individual user. 
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